You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
* <p>Automatically enables Amazon Security Lake for new member accounts in your organization.
41
41
* Security Lake is not automatically enabled for any existing member accounts in your
42
42
* organization.</p>
43
+
* <p>This operation merges the new data lake organization configuration with the existing configuration for Security Lake in your organization. If you want to create a new data lake organization configuration, you must delete the existing one using <a href="https://docs.aws.amazon.com/security-lake/latest/APIReference/API_DeleteDataLakeOrganizationConfiguration.html">DeleteDataLakeOrganizationConfiguration</a>.</p>
43
44
* @example
44
45
* Use a bare-bones client and the command you need to make an API call.
* <p>The Open Cybersecurity Schema Framework (OCSF) event classes which describes the type of
385
-
* data that the custom source will send to Security Lake. The supported event classes are:</p>
386
-
* <ul>
387
-
* <li>
388
-
* <p>
389
-
* <code>ACCESS_ACTIVITY</code>
390
-
* </p>
391
-
* </li>
392
-
* <li>
393
-
* <p>
394
-
* <code>FILE_ACTIVITY</code>
395
-
* </p>
396
-
* </li>
397
-
* <li>
398
-
* <p>
399
-
* <code>KERNEL_ACTIVITY</code>
400
-
* </p>
401
-
* </li>
402
-
* <li>
403
-
* <p>
404
-
* <code>KERNEL_EXTENSION</code>
405
-
* </p>
406
-
* </li>
407
-
* <li>
408
-
* <p>
409
-
* <code>MEMORY_ACTIVITY</code>
410
-
* </p>
411
-
* </li>
412
-
* <li>
413
-
* <p>
414
-
* <code>MODULE_ACTIVITY</code>
415
-
* </p>
416
-
* </li>
417
-
* <li>
418
-
* <p>
419
-
* <code>PROCESS_ACTIVITY</code>
420
-
* </p>
421
-
* </li>
422
-
* <li>
423
-
* <p>
424
-
* <code>REGISTRY_KEY_ACTIVITY</code>
425
-
* </p>
426
-
* </li>
427
-
* <li>
428
-
* <p>
429
-
* <code>REGISTRY_VALUE_ACTIVITY</code>
430
-
* </p>
431
-
* </li>
432
-
* <li>
433
-
* <p>
434
-
* <code>RESOURCE_ACTIVITY</code>
435
-
* </p>
436
-
* </li>
437
-
* <li>
438
-
* <p>
439
-
* <code>SCHEDULED_JOB_ACTIVITY</code>
440
-
* </p>
441
-
* </li>
442
-
* <li>
443
-
* <p>
444
-
* <code>SECURITY_FINDING</code>
445
-
* </p>
446
-
* </li>
447
-
* <li>
448
-
* <p>
449
-
* <code>ACCOUNT_CHANGE</code>
450
-
* </p>
451
-
* </li>
452
-
* <li>
453
-
* <p>
454
-
* <code>AUTHENTICATION</code>
455
-
* </p>
456
-
* </li>
457
-
* <li>
458
-
* <p>
459
-
* <code>AUTHORIZATION</code>
460
-
* </p>
461
-
* </li>
462
-
* <li>
463
-
* <p>
464
-
* <code>ENTITY_MANAGEMENT_AUDIT</code>
465
-
* </p>
466
-
* </li>
467
-
* <li>
468
-
* <p>
469
-
* <code>DHCP_ACTIVITY</code>
470
-
* </p>
471
-
* </li>
472
-
* <li>
473
-
* <p>
474
-
* <code>NETWORK_ACTIVITY</code>
475
-
* </p>
476
-
* </li>
477
-
* <li>
478
-
* <p>
479
-
* <code>DNS_ACTIVITY</code>
480
-
* </p>
481
-
* </li>
482
-
* <li>
483
-
* <p>
484
-
* <code>FTP_ACTIVITY</code>
485
-
* </p>
486
-
* </li>
487
-
* <li>
488
-
* <p>
489
-
* <code>HTTP_ACTIVITY</code>
490
-
* </p>
491
-
* </li>
492
-
* <li>
493
-
* <p>
494
-
* <code>RDP_ACTIVITY</code>
495
-
* </p>
496
-
* </li>
497
-
* <li>
498
-
* <p>
499
-
* <code>SMB_ACTIVITY</code>
500
-
* </p>
501
-
* </li>
502
-
* <li>
503
-
* <p>
504
-
* <code>SSH_ACTIVITY</code>
505
-
* </p>
506
-
* </li>
507
-
* <li>
508
-
* <p>
509
-
* <code>CONFIG_STATE</code>
510
-
* </p>
511
-
* </li>
512
-
* <li>
513
-
* <p>
514
-
* <code>INVENTORY_INFO</code>
515
-
* </p>
516
-
* </li>
517
-
* <li>
518
-
* <p>
519
-
* <code>EMAIL_ACTIVITY</code>
520
-
* </p>
521
-
* </li>
522
-
* <li>
523
-
* <p>
524
-
* <code>API_ACTIVITY</code>
525
-
* </p>
526
-
* </li>
527
-
* <li>
528
-
* <p>
529
-
* <code>CLOUD_API</code>
530
-
* </p>
531
-
* </li>
532
-
* </ul>
385
+
* data that the custom source will send to Security Lake. For the list of supported event classes, see the <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/adding-custom-sources.html#ocsf-eventclass">Amazon Security Lake User Guide</a>.</p>
* <p>The Open Cybersecurity Schema Framework (OCSF) event classes which describes the type of
1563
-
* data that the custom source will send to Security Lake. The supported event classes are:</p>
1564
-
* <ul>
1565
-
* <li>
1566
-
* <p>
1567
-
* <code>ACCESS_ACTIVITY</code>
1568
-
* </p>
1569
-
* </li>
1570
-
* <li>
1571
-
* <p>
1572
-
* <code>FILE_ACTIVITY</code>
1573
-
* </p>
1574
-
* </li>
1575
-
* <li>
1576
-
* <p>
1577
-
* <code>KERNEL_ACTIVITY</code>
1578
-
* </p>
1579
-
* </li>
1580
-
* <li>
1581
-
* <p>
1582
-
* <code>KERNEL_EXTENSION</code>
1583
-
* </p>
1584
-
* </li>
1585
-
* <li>
1586
-
* <p>
1587
-
* <code>MEMORY_ACTIVITY</code>
1588
-
* </p>
1589
-
* </li>
1590
-
* <li>
1591
-
* <p>
1592
-
* <code>MODULE_ACTIVITY</code>
1593
-
* </p>
1594
-
* </li>
1595
-
* <li>
1596
-
* <p>
1597
-
* <code>PROCESS_ACTIVITY</code>
1598
-
* </p>
1599
-
* </li>
1600
-
* <li>
1601
-
* <p>
1602
-
* <code>REGISTRY_KEY_ACTIVITY</code>
1603
-
* </p>
1604
-
* </li>
1605
-
* <li>
1606
-
* <p>
1607
-
* <code>REGISTRY_VALUE_ACTIVITY</code>
1608
-
* </p>
1609
-
* </li>
1610
-
* <li>
1611
-
* <p>
1612
-
* <code>RESOURCE_ACTIVITY</code>
1613
-
* </p>
1614
-
* </li>
1615
-
* <li>
1616
-
* <p>
1617
-
* <code>SCHEDULED_JOB_ACTIVITY</code>
1618
-
* </p>
1619
-
* </li>
1620
-
* <li>
1621
-
* <p>
1622
-
* <code>SECURITY_FINDING</code>
1623
-
* </p>
1624
-
* </li>
1625
-
* <li>
1626
-
* <p>
1627
-
* <code>ACCOUNT_CHANGE</code>
1628
-
* </p>
1629
-
* </li>
1630
-
* <li>
1631
-
* <p>
1632
-
* <code>AUTHENTICATION</code>
1633
-
* </p>
1634
-
* </li>
1635
-
* <li>
1636
-
* <p>
1637
-
* <code>AUTHORIZATION</code>
1638
-
* </p>
1639
-
* </li>
1640
-
* <li>
1641
-
* <p>
1642
-
* <code>ENTITY_MANAGEMENT_AUDIT</code>
1643
-
* </p>
1644
-
* </li>
1645
-
* <li>
1646
-
* <p>
1647
-
* <code>DHCP_ACTIVITY</code>
1648
-
* </p>
1649
-
* </li>
1650
-
* <li>
1651
-
* <p>
1652
-
* <code>NETWORK_ACTIVITY</code>
1653
-
* </p>
1654
-
* </li>
1655
-
* <li>
1656
-
* <p>
1657
-
* <code>DNS_ACTIVITY</code>
1658
-
* </p>
1659
-
* </li>
1660
-
* <li>
1661
-
* <p>
1662
-
* <code>FTP_ACTIVITY</code>
1663
-
* </p>
1664
-
* </li>
1665
-
* <li>
1666
-
* <p>
1667
-
* <code>HTTP_ACTIVITY</code>
1668
-
* </p>
1669
-
* </li>
1670
-
* <li>
1671
-
* <p>
1672
-
* <code>RDP_ACTIVITY</code>
1673
-
* </p>
1674
-
* </li>
1675
-
* <li>
1676
-
* <p>
1677
-
* <code>SMB_ACTIVITY</code>
1678
-
* </p>
1679
-
* </li>
1680
-
* <li>
1681
-
* <p>
1682
-
* <code>SSH_ACTIVITY</code>
1683
-
* </p>
1684
-
* </li>
1685
-
* <li>
1686
-
* <p>
1687
-
* <code>CONFIG_STATE</code>
1688
-
* </p>
1689
-
* </li>
1690
-
* <li>
1691
-
* <p>
1692
-
* <code>INVENTORY_INFO</code>
1693
-
* </p>
1694
-
* </li>
1695
-
* <li>
1696
-
* <p>
1697
-
* <code>EMAIL_ACTIVITY</code>
1698
-
* </p>
1699
-
* </li>
1700
-
* <li>
1701
-
* <p>
1702
-
* <code>API_ACTIVITY</code>
1703
-
* </p>
1704
-
* </li>
1705
-
* <li>
1706
-
* <p>
1707
-
* <code>CLOUD_API</code>
1708
-
* </p>
1709
-
* </li>
1710
-
* </ul>
1415
+
* <p>The Open Cybersecurity Schema Framework (OCSF) event classes describes the type of
1416
+
* data that the custom source will send to Security Lake. For the list of supported event classes, see <a href="https://docs.aws.amazon.com/security-lake/latest/userguide/adding-custom-sources.html#ocsf-eventclass.html">Supported OCSF Event classes</a> in the Amazon Security Lake User Guide.</p>
0 commit comments